Lucene search
PRIOn knowledge basePRION:CVE-2019-0202HistoryJul 26, 2019 - 12:15 a.m.
Code injection
2019-07-2600:15:00
PRIOn knowledge base
www.prio-n.com
6
The Apache Storm Logviewer daemon exposes HTTP-accessible endpoints to read/search log files on hosts running Storm. In Apache Storm versions 0.9.1-incubating to 1.2.2, it is possible to read files off the host’s file system that were not intended to be accessible via these endpoints.
| CPE | Name | Operator | Version |
|---|---|---|---|
| storm | eq | 0.9.1 incubating | |
| storm | eq | 0.9.2 incubating | |
| storm | ge | 0.9.3 | |
| storm | le | 1.2.2 |
Related
osv
osv
CVE-2019-0202
2019-07-26 00:15:11
Exposure of Sensitive Information in Apache Storm Logviewer
2022-05-24 16:51:28
cve
cve
CVE-2019-0202
2019-07-26 00:15:11
nvd
nvd
CVE-2019-0202
2019-07-26 00:15:11
ibm
ibm
veracode
veracode
Unauthorized File Access
2019-07-26 07:27:23
cvelist
cvelist
CVE-2019-0202
2019-07-25 23:17:23
github
github
Exposure of Sensitive Information in Apache Storm Logviewer
2022-05-24 16:51:28